Security researchers have revealed a security issue that could enable attackers to exploit the VirusTotal platform for remote code execution (RCE) on unpatched third-party sandboxing machines employed by antivirus engines. The vulnerability, now fixed, allowed attackers to “execute commands remotely within…
Latest posts - Page 63
FBI issues alert regarding BlackCat ransomware that has affected 60 organisations
The U.S. Federal Bureau of Investigation (FBI) has warned the public of the BlackCat ransomware-as-a-service (RaaS). The ransomware, which emerged in November 2021, has affected 60 entities globally as of March 2022. The ransomware, also known as ALPHV and Noberus, is…
Cryptocurrency miners have Docker, AWS and Alibaba Cloud in their crosshairs
LemonDuck, a cross-platform cryptocurrency mining botnet, is attacking Docker to steal cryptocurrency on Linux systems. The attacks form part of a bigger malware campaign. “It runs an anonymous mining operation by the use of proxy pools, which hide the wallet…
Hackers infiltrate resumes sent to corporate hiring managers with the ‘More Eggs’ malware
A year after potential candidates looking for work on LinkedIn were tempted with weaponized job offers, a new series of phishing assaults carrying the More Eggs malware has been detected attacking corporate hiring supervisors with false resumes as an infection…
Java encryption implementation error made it trivial to forge credentials
A critical flaw in the Java JDK’s handling of some encryption procedures makes it simple for attackers to create fake credentials. Oracle resolved the cryptographic flaw, which affects Java JDK versions 15 and later, with a patch distributed as part…
Android devices vulnerable to remote spying as flaws discovered in chipsets
Audio decoders of Qualcomm and MediaTek chips have been found to have three security vulnerabilities which, if left unpatched, could allow attackers to remotely access media and audio conversations on affected mobiles. Check Point,…
Improved Evasion Tactics in a New SolarMarker Variant
An improved version of the SolarMarker malware has been described in detail by researchers. Improvements have been made, as well as new defence evasion strategies for remaining undetected. SolarMarker is a trojan that has multiple stages. To deploy their attack…
Windows Print Spooler flaw exploited in the wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has asked users to watch out for a vulnerability in the Windows Print Spooler. Although Microsoft had patched the vulnerability in February, the vulnerability is being actively exploited in the wild. Further,…
Leading the Next Waves of Botnet Attacks: Enemybot and Fodcha
Two botnets have been trying to infect people all over the world by exploiting flaws in modems, routers, and IoT devices. These botnets, which were dubbed Enemybot and Fodcha, were capable of launching DDoS attacks. About Enemybot Background The Enemybot,…
ZingoStealer by Haskers Gang emerges as a serious threat
ZingoStealer, a malware that steals data, has been tracked, and the malware has potent features that can steal data and load additional payloads. Further, the info-stealer can mine Monero cryptocurrency. What is ZingoStealer? Haskers Gang developed ZingoStealer, and the gang…